Page MenuHomeSolus
Differential D891

Update libidn2 to 2.0.4
ClosedPublic
Actions

Authored by kyrios123 on Aug 27 2017, 9:01 PM.
Tags
Referenced Files
F11002718: D891.diff
Mon, Jul 31, 3:38 AM
F10994690: D891.id2090.diff
Wed, Jul 26, 12:04 AM
F10970560: D891.id2259.diff
Fri, Jul 21, 3:00 AM
F10963251: D891.id1955.diff
Wed, Jul 19, 2:46 AM
F10961858: D891.id2001.diff
Tue, Jul 18, 6:49 PM
F10946487: D891.diff
Sat, Jul 15, 10:22 AM
F10893815: D891.id2259.diff
Jul 1 2023, 3:24 AM
F10879087: D891.diff
Jun 21 2023, 6:52 PM
View All 12 Files
Subscribers
None

Details

Reviewers
JoshStrobl
Group Reviewers
Triage Team
Commits
R3478:0876717fe8d1: Update libidn2 to 2.0.4
Summary

Security:

  • Fix CVE-2017-14061
  • Fix CVE-2017-14062

Changeog:

  • Fix integer overflow in bidi.c/_isBidi()
  • Fix integer overflow in puny_decode.c/decode_digit()
  • Improve docs
  • Fix idna_free() to idn_free()
  • Update fuzzer corpora
  • %IDN2_USE_STD3_ASCII_RULES disabled by default. Previously we were eliminating non-STD3 characters from domain strings such as _443._tcp.example.com, or IPs 1.2.3.4/24 provided to libidn2 functions. That was an unexpected regression for applications switching from libidn and thus it is no longer applied by default. Use %IDN2_USE_STD3_ASCII_RULES to enable that behavior again.
  • Fix several documentation issues
  • Fix build issues
  • Modernize gtk-doc build infrastructure.

Packaging:

  • Remove: unnecessary builddep
  • Add: make check

Signed-off-by: Pierre-Yves <pyu@riseup.net>

Test Plan

Did a few checks with curl+libidn2

Diff Detail

Repository
R3478 libidn2
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

kyrios123 created this revision.Aug 27 2017, 9:01 PM
Herald added a reviewer: Triage Team. · View Herald TranscriptAug 27 2017, 9:01 PM
kyrios123 updated this revision to Diff 2001.Aug 30 2017, 4:26 PM
kyrios123 retitled this revision from Update libidn2 to 2.0.3 to Update libidn2 to 2.0.4.
kyrios123 edited the summary of this revision. (Show Details)

Bump to 2.0.4

  • Fix integer overflow in bidi.c/_isBidi()
  • Fix integer overflow in puny_decode.c/decode_digit()
  • Improve docs
  • Fix idna_free() to idn_free()
  • Update fuzzer corpora
kyrios123 updated this revision to Diff 2090.Sep 4 2017, 8:41 PM
kyrios123 edited the summary of this revision. (Show Details)
kyrios123 added a project: Restricted Project.

Update description for CVE-2017-14061 & CVE-2017-14062

JoshStrobl accepted this revision.Sep 13 2017, 10:53 AM
This revision is now accepted and ready to land.Sep 13 2017, 10:53 AM
Closed by commit R3478:0876717fe8d1: Update libidn2 to 2.0.4 (authored by kyrios123, committed by JoshStrobl). · Explain WhySep 13 2017, 12:48 PM
This revision was automatically updated to reflect the committed changes.

Revision Contents
Changeset List

PathSize
11 lines
22 lines

Diff 2259

View Options

package.yml

Loading...
View Options

pspec_x86_64.xml

Loading...
Copyright © 2015-2021 Solus Project. The Solus logo is Copyright © 2016-2021 Solus Project. All Rights Reserved.